108 matches found
USN-8376-1 frr vulnerabilities
It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2026-28532 It was discovered that FRR incorrectly handled certain BGP FlowSpec component...
SUSE CVE-2026-28532
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...
FRRouting < 10.5.3 Integer Overflow in OSPF TLV Parser Functions
...
CVE-2026-28532
A flaw was found in FRRouting. An integer overflow vulnerability exists in several OSPF Traffic Engineering and Segment Routing TLV parser functions. An attacker with an established OSPF Open Shortest Path Path First adjacency can send a specially crafted LS Link State Update packet containing a...
Cisco Adaptive Security Appliance (ASA) Software OSPF DoS Vulnerabilities (cisco-sa-asaftd-ospf-ZH8PhbSW)
According to its self-reported version, Cisco ASA Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
DEBIAN-CVE-2026-28532
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...
CVE-2026-28532 FRRouting < 10.5.3 Integer Overflow in OSPF TLV Parser Functions
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...
CVE-2026-28532
FRRouting before 10.5.3 is affected by an integer overflow in seven OSPF Traffic Engineering and Segment Routing TLV parser functions. A uint16_t accumulator truncates uint32_t values returned by TLV_SIZE(), causing the loop termination condition to fail while pointer advancement continues. An at...
FRRouting 缓冲区错误漏洞
FRouting is an open-source network routing software suite developed for Unix-like platforms. Versions of FRRouting prior to 10.5.3 contained a buffer error vulnerability. This vulnerability stemmed from integer overflows in seven OSPF traffic engineering and segment routing TLV parser functions...
CVE-2026-20025
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF...
CVE-2026-20021
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service DoS condition. Thi...
CVE-2026-20022
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
EUVD-2026-9477
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the attacker must know th...
EUVD-2026-9480
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service DoS condition...
EUVD-2026-9479
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
CVE-2026-20021
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service DoS condition. Thi...
CVE-2026-20020
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the attacker must know th...
CVE-2026-20025
CVE-2026-20025 affects Cisco Secure Firewall ASA/FTD OSPF processing. An authenticated, adjacent attacker with the OSPF secret key can send crafted OSPF LSU packets to trigger insufficient input validation, potentially corrupting the heap and causing the device to reload for a DoS. The vulnerabil...
CVE-2026-20024
CVE-2026-20024 affects Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. The root cause is heap corruption in the OSPF service when parsing packets, exploitable by an adjacent, authenticated attacker who has the OSPF secret key. Successful exploitation can cause the device to relo...
CVE-2026-20023
Summary: CVE-2026-20023 affects Cisco Secure Firewall ASA/FTD OSPF protocol handling. The issue is memory corruption when parsing OSPF packets, enabling an unauthenticated, adjacent attacker to cause memory corruption and a reboot, resulting in DoS. Affected products: Cisco Secure Firewall ASA so...